Julian Garrido
Director General Mexico
Mnemo
/
View from the Top

Mnemo: Counterattacking Cybercriminals

By MBN Staff | Fri, 01/22/2021 - 09:44

Q: You started innovating and developing your own systems in the late 2000s. What is the focus of Mnemo’s R&D?

A: In order To counterattack cybercriminals, we need to have systems, technology. What we see today in the market is not necessarily oriented to combatting cybercrime. There are software components that allow clients to create the architecture of security and to address specific areas. But they need these different components to talk to each other. This makes the cybersecurity strategy much more robust. To accomplish this, you need technology.

Q: What are some examples of products that you have developed that satisfy this need?

A: We have developed two specific products. One is a research platform for cyber-intelligence, called Nerv. We can connect this platform to multiple databases of different types. They can be structured or unstructured. They can be social media or connected to the deep and dark web. This platform can reduce investigation time dramatically. An investigation that usually take weeks or months can be done with three hours of analysis. We initially developed this platform with the goal of making our day-to-day activities more efficient. Now, it is also a strong tool for cybersecurity. 

The second product is called Cyberdefense. This is a platform that summarizes the output of several intelligence tools. It contains bundled knowledge of threats and has a module that can analyze malware. If a computer is doing something weird, we can take a sample of that malware and compare it against other samples that are stored in the portal. Furthermore, by putting malware indicators in the portal, our clients can personally see whether a document or email is phishing or not. Cyberdefense is very useful for a NIST framework. Many industries implement this because it essentially regulates best practices for cybersecurity. The portal can be used to enter and compare indicators of information breaches, such as in the financial industry. The same can be done for fake social media accounts. The portal also has a module that allows you to investigate what happens in the deep and dark web. For example, actors may be trying to sell assets, such as passwords and archives. Cyberdefense collects information from 500 CERT-certified companies across the world, which provides a wealth of information.

Q: How do you integrate software components into these systems?

A: There are two ways. On the one side, all components have logs. We collect and correlate these logs to generate intelligence. The second method is through APIs in infrastructure components. These are connected to a firewall, antivirus or IPS, and they allow the components to interact with each other. If there is an incident, one component informs the others and they act. This is essentially an automation model built on APIs. 

Q: Why is CERT an important distinction?

A: The CERT mark was created by the University of Carnegie Mellon. It essentially stipulates a series of norms and specific steps for a security operation. If you have the right capacities and processes, you can receive the mark. For many corporations, the CERT mark is essential when selecting a cybersecurity company. Another forum we are part of is First. In Mexico, there are about 10 players who are part of this. Both communities essentially bring together capable security companies. Cooperation, through exchange of information on threats, is essential in a world where between 500,000 to 6 million zero-day attacks are launched every day. It is impossible for one company to oversee that.

Q: Mnemo arrived in Mexico in 2011. What have been your main achievements since then?

A: We were the first to create a real cybersecurity center for the financial sector in the country that was certified according to global standards. As I mentioned before, we are members of an organization called First, where companies around the world share information on cybersecurity developments. We were able to bring that knowledge to Mexico. Another big achievement has been our ability to sign very big clients and maintain long-term contracts with them. 

We have an important presence in the financial sector, and in the insurance sector. We have a small participation in the public sector. Other industries in which we have very big clients are telecom and mining. In the latter, we work with the most important players. We also have clients in a range of other sectors, such as retail.

I think part of the reason why companies have chosen to work with us is because we are a true engineering company. We have a very strong passion for detail and continuous improvement. We have specific areas of knowledge, which include management, incident response, cyber-intelligence and vulnerability analysis with pen-testing. I think having this level of specialization is key to providing high levels of service. The teams work independently but also interact with each other. 

Q: What are your most important commercial alliances?

A: We have a variety of alliances, some with consultancies. For example, we work extensively with one of the Big Four. We also have partnerships with software manufacturers, including Microsoft, Google, McAfee and Palo Alto Networks. A few other of them are small but very innovative in their software solutions. Furthermore, we have relationship with an integrator based in Monterrey called Trust Dimension. They help us cover that geographic zone. Lastly, we exchange information on cybersecurity threats with a few other cybersecurity services companies within our region.

Q: Besides Spain, Mexico and Colombia, in which other countries are you venturing?

A: We provide services in Peru, Argentina and Chile and have some isolated projects in Central America. Mnemo serves many international companies. We have the capacity to provide services to a company in any country. Typically, the only barrier is the language. One growth opportunity would be to enter the US. We think our products could add significant value to that market, aside from having a competitive cost structure. We are developing alliances and capacity to facilities our expansion into the US. Our goal is to enter around mid-2021.

Mnemo is a Spanish cybersecurity services company with a presence in Mexico and Colombia. The company has developed two cybersecurity systems: Nerf and Cyberdefense.

MBN Staff MBN Staff MBN staff